2 matches found
CVE-2024-1043
CVE-2024-1043 affects the WordPress plugin AMP for WP – Accelerated Mobile Pages. A missing capability check in the function amppb_remove_saved_layout_data in all versions up to 1.0.93.1 allows authenticated users with contributor access and above to delete arbitrary posts. Affected versions:
WordPress AMP for WP Plugin <= 1.0.93.1 is vulnerable to Broken Access Control
Software AMP for WP Type Plugin Vulnerable versions = 1.0.93.1 Fixed in 1.0.93.2 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-1043 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 9c0cb8faa4a6 Credits Sean Murphy Required privileg...